Whodunit? Finding Security Vulnerabilities in Application Code

by Brian Princecode provided by Veracode and Qualys

Application security has to start during the development process. That means fixing vulnerable code before applications are ever pushed out to the public. Much has been written about the secure software development lifecyclenow it's time to test security pros and developers alike. Can you find the vulnerabilities in the code?
Sorrythere is no prize involved, just a minor brainteaser for those of you who design applications or are charged with assessing their security. The code on the slides was provided by Veracode and Qualys.